3.1 Database Users

Database user names are global across a database (and not per all Sedna databases).Database users interact with database objects. Every database object has its owner - theuser that created it. Every user and role (we will discuss roles in the Section 3.2) has itscreator.

In order to bootstrap the database, a freshly created database always contains onepredefined DBA user with name "SYSTEM"and password "MANAGER". To start your workwith the database, you first have to connect as this initial user, then you can createmore users and change default password (if you care for preventing unauthorized accessto your database).

can grant ”DBA” role to a user, thus making that user also a DBA user(not recommended, as the database with multiple DBA users is hard toadministrate). Any DBA user can also revoke the ”DBA” role from any DBAuser.

An ordinary user:

can act according to the privileges that he has;

can grant and revoke any privileges on the database object that he owns toany user;

can remove database objects that he owns and drop users that he has created.

Every user has its name and password.

To create a user use CREATE USERstatement:

CREATE USER "user-name" WITH PASSWORD "user-password"

For example, the following statement:

CREATE USER "Alice" WITH PASSWORD "mypass"

creates user Alice identified with mypass password.

To remove an existing user, use DROP USERstatement:

DROP USER "user-name"

For example, the following statement removes user Alice:

DROP USER "Alice"

A user can drop only a user he has created. DBA user can drop any user of thedatabase.

To change user password use ALTER USERstatement. A user can change a passwordfor himself or for a user he has created. DBA user can change a password for any user ofthe database.

ALTER USER "user-name" WITH PASSWORD "new-password"

This statement changes the password of the user user-name to the new-password.